1. Field
The present invention relates generally to detecting malicious activity in a mobile station.
2. Background
Detection of malware on a mobile station, such as a cellular telephone, is constrained by the device's limited resources (power, memory, bandwidth, etc.). Thus, PC-style signature matching on a mobile device is not an effective solution for malware detection and removal. An alternative is for a thin client on a device to generate a signature/hash of installed applications, and to forward the signature(s) to a network-based server for signature matching. However, network-based signature matching generally fails to protect against “zero-day” attacks, or against web-applications and web-based malware.
There is therefore a need for a technique for detecting malicious activity in a mobile station in an effective manner.